Authenticating customers using biometrics

ABSTRACT

Methods, systems, and computer-readable media for authenticating customers using biometrics are presented. In some embodiments, a computing platform may receive, from an interactive voice response server, an inbound call notification associated with a telephone call received from a mobile device. Subsequently, the computing platform may determine a device identifier of the mobile device and a customer identifier corresponding to a user of the mobile device. The computing platform then may load a customer authentication profile. Subsequently, the computing platform may generate a biometric authentication prompt for authenticating the user of the mobile device and may cause the biometric authentication prompt to be sent to the mobile device. Thereafter, the computing platform may receive, from the mobile device, a validation message. In response to receiving the validation message, the computing platform may generate an authentication message. Subsequently, the computing platform may send the authentication message to the interactive voice response server.

CROSS REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of and is a continuation of U.S.patent application Ser. No. 14/611,479, filed Feb. 2, 2015, and entitled“AUTHENTICATING CUSTOMERS USING BIOMETRICS,” which is incorporated byreference herein in its entirety.

BACKGROUND

Aspects of the disclosure relate to computer hardware and software. Inparticular, one or more aspects of the disclosure generally relate tocomputer hardware and software for authenticating customers usingbiometrics.

Large organizations, such as financial institutions, may serve manycustomers, and increasingly, such organizations are providing differentways for customers to interact with the organizations about the productsand/or services offered by these organizations, beyond traditionalbrick-and-mortar retail locations. For example, a financial institutionmay provide various channels that allow its customers to convenientlyaccess account information, such as an online banking portal, a customerassistance telephone line, and/or other channels.

As customers continue to demand more effective, efficient, andconvenient ways of interacting with organizations, ensuring the securityof customer account information and other customer data, while stillproviding customers with the convenience and flexibility that theydesire, is becoming increasingly important.

SUMMARY

Aspects of the disclosure relate to various systems and techniques thatprovide effective, efficient, scalable, and convenient ways of ensuringthe security of customer account information and other customer data.

For example, some aspects of the disclosure provide ways ofauthenticating customers in various contexts, particularly in instancesin which a customer of an organization is calling into a customerassistance telephone line (which may, e.g., provide automated service tothe customer using an interactive voice response unit and/or which mayconnect the customer to a customer service representative forassistance) operated by the organization. In one or more arrangements,when a customer dials into a customer assistance telephone line fromtheir smartphone or mobile device, an organization server may generateand send a push notification to the customer's mobile device thatprompts the customer to provide biometric input, such as theirfingerprint, for validation. If the customer's biometric input isvalidated, the customer's mobile device may send a notification back tothe organization server indicating that the customer has beensuccessfully authenticated using biometrics. Based on receiving thisnotification, the organization server may establish the customer'sauthentication status for their telephone session on the customerassistance telephone line. By establishing the customer's authenticationstatus in this way, the customer might not need to be prompted to enteradditional authentication credentials, such as a username and passcode,to access account information and/or other customer data, thus providinga more convenient experience to the customer. In addition, byimplementing these and/or other aspects of the disclosure, enhancedinformation security also may be provided, as the initial pushnotification may be sent only to the customer's mobile device, which maybe pre-registered with the organization to receive prompts to providebiometric input. In some instances, the customer might not otherwise beable to access account information via the customer assistance telephoneline unless valid biometric input is provided via their pre-registeredmobile device, thus further increasing the security of the customer'sinformation. As illustrated in greater detail below, these featuresand/or others may provide more convenient and secure experiences forcustomers of an organization when interacting with the organization invarious ways.

In accordance with one or more embodiments, a customer authenticationcomputing platform having at least one processor, a memory, and acommunication interface may receive, via the communication interface,and from an interactive voice response server, an inbound callnotification associated with a telephone call received by theinteractive voice response server from a mobile device. Subsequently,the customer authentication computing platform may determine a deviceidentifier of the mobile device. Then, the customer authenticationcomputing platform may determine a customer identifier corresponding toa user of the mobile device. The customer authentication computingplatform then may load a customer authentication profile based on thecustomer identifier. Subsequently, the customer authentication computingplatform may generate a biometric authentication prompt forauthenticating the user of the mobile device, and the customerauthentication computing platform may cause the biometric authenticationprompt to be sent to the mobile device. Thereafter, the customerauthentication computing platform may receive, via the communicationinterface, and from the mobile device, a validation message. In responseto receiving the validation message, the customer authenticationcomputing platform may generate an authentication message. Subsequently,the customer authentication computing platform may send, via thecommunication interface, and to the interactive voice response server,the authentication message.

In some embodiments, the customer identifier may identify the user ofthe mobile device as a customer of an organization operating the system.

In some embodiments, the customer authentication profile may includeinformation indicating that the user of the mobile device has registeredthe mobile device to receive biometric authentication prompts.Additionally or alternatively, the customer authentication profile mayinclude information indicating that the mobile device stores one or morepredefined biometric credentials.

In some embodiments, causing the biometric authentication prompt to besent to the mobile device may include causing a push notificationservice to send a push notification to the mobile device.

In some embodiments, the biometric authentication prompt may beconfigured to prompt the user of the mobile device to provide biometricinput for verification by the mobile device. In some instances, thebiometric input may include fingerprint biometric input.

In some embodiments, the validation message may indicate that the userof the mobile device has provided valid biometric input matching one ormore predefined biometric credentials stored by the mobile device.

In some embodiments, the authentication message may establish anauthentication status of the user of the mobile device. Additionally oralternatively, the authentication message may be configured to cause theinteractive voice response server to provide the user of the mobiledevice with access to account information that is specific to the userof the mobile device.

In some embodiments, after sending the authentication message, thecustomer authentication computing platform may receive, via thecommunication interface, and from the interactive voice response server,a transaction request. Subsequently, the customer authenticationcomputing platform may process the transaction request. In someinstances, processing the transaction request may include causing one ormore systems operated by a financial institution to execute a fundstransfer transaction.

These features, along with many others, are discussed in greater detailbelow.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure is illustrated by way of example and not limitedin the accompanying figures in which like reference numerals indicatesimilar elements and in which:

FIG. 1 depicts an illustrative operating environment in which variousaspects of the disclosure may be implemented in accordance with one ormore example embodiments;

FIG. 2 depicts an illustrative block diagram of workstations and serversthat may be used to implement the processes and functions of certainaspects of the present disclosure in accordance with one or more exampleembodiments;

FIG. 3 depicts an illustrative computing environment for authenticatingcustomers using biometrics in accordance with one or more exampleembodiments;

FIGS. 4A-4G depict an illustrative event sequence for authenticatingcustomers using biometrics in accordance with one or more exampleembodiments;

FIGS. 5-7 depict example graphical user interfaces for authenticatingcustomers using biometrics in accordance with one or more exampleembodiments; and

FIG. 8 depicts an illustrative method for authenticating customers usingbiometrics in accordance with one or more example embodiments.

DETAILED DESCRIPTION

In the following description of various illustrative embodiments,reference is made to the accompanying drawings, which form a parthereof, and in which is shown, by way of illustration, variousembodiments in which aspects of the disclosure may be practiced. It isto be understood that other embodiments may be utilized, and structuraland functional modifications may be made, without departing from thescope of the present disclosure.

It is noted that various connections between elements are discussed inthe following description. It is noted that these connections aregeneral and, unless specified otherwise, may be direct or indirect,wired or wireless, and that the specification is not intended to belimiting in this respect.

FIG. 1 depicts an illustrative operating environment in which variousaspects of the present disclosure may be implemented in accordance withone or more example embodiments. Referring to FIG. 1, computing systemenvironment 100 may be used according to one or more illustrativeembodiments. Computing system environment 100 is only one example of asuitable computing environment and is not intended to suggest anylimitation as to the scope of use or functionality contained in thedisclosure. Computing system environment 100 should not be interpretedas having any dependency or requirement relating to any one orcombination of components shown in illustrative computing systemenvironment 100.

Computing system environment 100 may include computing device 101 havingprocessor 103 for controlling overall operation of computing device 101and its associated components, including random-access memory (RAM) 105,read-only memory (ROM) 107, communications module 109, and memory 115.Computing device 101 may include a variety of computer readable media.Computer readable media may be any available media that may be accessedby computing device 101, may be non-transitory, and may include volatileand nonvolatile, removable and non-removable media implemented in anymethod or technology for storage of information such ascomputer-readable instructions, object code, data structures, programmodules, or other data. Examples of computer readable media may includerandom access memory (RAM), read only memory (ROM), electronicallyerasable programmable read only memory (EEPROM), flash memory or othermemory technology, compact disk read-only memory (CD-ROM), digitalversatile disks (DVD) or other optical disk storage, magnetic cassettes,magnetic tape, magnetic disk storage or other magnetic storage devices,or any other medium that can be used to store the desired informationand that can be accessed by computing device 101.

Although not required, various aspects described herein may be embodiedas a method, a data processing system, or as a computer-readable mediumstoring computer-executable instructions. For example, acomputer-readable medium storing instructions to cause a processor toperform steps of a method in accordance with aspects of the disclosedembodiments is contemplated. For example, aspects of the method stepsdisclosed herein may be executed on a processor on computing device 101.Such a processor may execute computer-executable instructions stored ona computer-readable medium.

Software may be stored within memory 115 and/or storage to provideinstructions to processor 103 for enabling computing device 101 toperform various functions. For example, memory 115 may store softwareused by computing device 101, such as operating system 117, applicationprograms 119, and associated database 121. Also, some or all of thecomputer executable instructions for computing device 101 may beembodied in hardware or firmware. Although not shown, RAM 105 mayinclude one or more applications representing the application datastored in RAM 105 while computing device 101 is on and correspondingsoftware applications (e.g., software tasks) are running on computingdevice 101.

Communications module 109 may include a microphone, keypad, touchscreen, and/or stylus through which a user of computing device 101 mayprovide input, and may also include one or more of a speaker forproviding audio output and a video display device for providing textual,audiovisual and/or graphical output. Computing system environment 100may also include optical scanners (not shown). Exemplary usages includescanning and converting paper documents, e.g., correspondence, receipts,and the like, to digital files.

Computing device 101 may operate in a networked environment supportingconnections to one or more remote computing devices, such as computingdevices 141, 151, and 161. Computing devices 141, 151, and 161 may bepersonal computing devices or servers that include any or all of theelements described above relative to computing device 101. Computingdevice 161 may be a mobile device (e.g., smart phone) communicating overwireless carrier channel 171.

The network connections depicted in FIG. 1 may include local areanetwork (LAN) 125 and wide area network (WAN) 129, as well as othernetworks. When used in a LAN networking environment, computing device101 may be connected to LAN 125 through a network interface or adapterin communications module 109. When used in a WAN networking environment,computing device 101 may include a modem in communications module 109 orother means for establishing communications over WAN 129, such asInternet 131 or other type of computer network. The network connectionsshown are illustrative and other means of establishing a communicationslink between the computing devices may be used. Various well-knownprotocols such as transmission control protocol/Internet protocol(TCP/IP), Ethernet, file transfer protocol (FTP), hypertext transferprotocol (HTTP) and the like may be used, and the system can be operatedin a client-server configuration to permit a user to retrieve web pagesfrom a web-based server. Any of various conventional web browsers can beused to display and manipulate data on web pages.

The disclosure is operational with numerous other general purpose orspecial purpose computing system environments or configurations.Examples of well-known computing systems, environments, and/orconfigurations that may be suitable for use with the disclosedembodiments include, but are not limited to, personal computers (PCs),server computers, hand-held or laptop devices, smart phones,multiprocessor systems, microprocessor-based systems, set top boxes,programmable consumer electronics, network PCs, minicomputers, mainframecomputers, distributed computing environments that include any of theabove systems or devices, and the like.

FIG. 2 depicts an illustrative block diagram of workstations and serversthat may be used to implement the processes and functions of certainaspects of the present disclosure in accordance with one or more exampleembodiments. Referring to FIG. 2, illustrative system 200 may be usedfor implementing example embodiments according to the presentdisclosure. As illustrated, system 200 may include one or moreworkstation computers 201. Workstation 201 may be, for example, adesktop computer, a smartphone, a wireless device, a tablet computer, alaptop computer, and the like. Workstations 201 may be local or remote,and may be connected by one of communications links 202 to computernetwork 203 that is linked via communications link 205 to server 204. Insystem 200, server 204 may be any suitable server, processor, computer,or data processing device, or combination of the same. Server 204 may beused to process the instructions received from, and the transactionsentered into by, one or more participants.

Computer network 203 may be any suitable computer network including theInternet, an intranet, a wide-area network (WAN), a local-area network(LAN), a wireless network, a digital subscriber line (DSL) network, aframe relay network, an asynchronous transfer mode (ATM) network, avirtual private network (VPN), or any combination of any of the same.Communications links 202 and 205 may be any communications linkssuitable for communicating between workstations 201 and server 204, suchas network links, dial-up links, wireless links, hard-wired links, aswell as network types developed in the future, and the like.

FIG. 3 depicts an illustrative computing environment for authenticatingcustomers using biometrics in accordance with one or more exampleembodiments. Referring to FIG. 3, computing environment 300 may includeone or more computing devices. For example, computing environment 300may include an interactive voice response (IVR) server 302 (which may,e.g., be configured to place and/or receive telephone calls; process andrespond to numerical and/or voice input received via one or moretelephone connections; access, create, and/or modify data stored by oneor more other computing devices and/or otherwise interact with one ormore other computing devices; and/or provide various other telephonyservices). Computing environment 300 also may include a customer servicerepresentative computing device 304 (which may, e.g., be used by acustomer service representative or agent of an organization, such as afinancial institution that may utilize various aspects of the disclosureto authenticate customers using biometrics).

Computing environment 300 also may include a customer mobile device 306(which may, e.g., be a mobile computing device that is used by a firstcustomer of an organization, such as a customer of a financialinstitution). In addition, computing environment 300 may include acustomer mobile device 308 (which may, e.g., be a mobile computingdevice that is used by a second customer of the organization differentfrom the first customer of the organization, such as a differentcustomer of the financial institution than the customer who may usecustomer mobile device 306).

Computing environment 300 also may include an administrative computingdevice 330 (which may, e.g., be used by and/or operated by anadministrative user or other individual who may be associated with theorganization and who may administer and/or otherwise control variouscomputing devices and/or computer systems that are operated by and/orotherwise associated with the organization. In addition, computingenvironment 300 may include a push notification server 340 (which may,e.g., provide a push notification service that may be used to send oneor more push notifications to various mobile computing devices, such ascustomer mobile device 306 and customer mobile device 308).

Interactive voice response server 302, customer service representativecomputing device 304, customer mobile device 306, customer mobile device308, administrative computing device 330, and push notification server340 may be any type of computing device capable of receiving a userinterface, receiving input via the user interface, and communicating thereceived input to one or more other computing devices. For example,interactive voice response server 302, customer service representativecomputing device 304, customer mobile device 306, customer mobile device308, administrative computing device 330, and push notification server340 may be a server computer, a desktop computer, laptop computer,tablet computer, smart phone, or the like. As noted above, and asillustrated in greater detail below, any and/or all of interactive voiceresponse server 302, customer service representative computing device304, customer mobile device 306, customer mobile device 308,administrative computing device 330, and push notification server 340may, in some instances, be special-purpose computing devices configuredto perform specific functions.

Computing environment 300 also may include one or more computingplatforms. For example, computing environment 300 may include customerauthentication computing platform 310. Customer authentication computingplatform 310 may include one or more computing devices configured toperform one or more of the functions described herein. For example,customer authentication computing platform 310 may include one or morecomputers (e.g., laptop computers, desktop computers, servers, serverblades, or the like).

Computing environment 300 also may include one or more networks, whichmay interconnect one or more of interactive voice response server 302,customer service representative computing device 304, customer mobiledevice 306, customer mobile device 308, administrative computing device330, push notification server 340, and customer authentication computingplatform 310. For example, computing environment 300 may includeorganization network 312 and public network 314. Organization network312 and/or public network 314 may include one or more sub-networks(e.g., LANs, WANs, or the like). Organization network 312 may beassociated with a particular organization (e.g., a corporation,financial institution, educational institution, governmentalinstitution, or the like) and may interconnect one or more computingdevices associated with the organization. For example, interactive voiceresponse server 302, customer service representative computing device304, administrative computing device 330, and customer authenticationcomputing platform 310 may be associated with an organization (e.g., afinancial institution), and organization network 312 may be associatedwith and/or operated by the organization, and may include one or morenetworks (e.g., LANs, WANs, VPNs, or the like) that interconnectinteractive voice response server 302, customer service representativecomputing device 304, administrative computing device 330, and customerauthentication computing platform 310 and one or more other computingdevices and/or computer systems that are used by, operated by, and/orotherwise associated with the organization. Public network 314 mayconnect organization network 312 and/or one or more computing devicesconnected thereto (e.g., interactive voice response server 302, customerservice representative computing device 304, administrative computingdevice 330, and customer authentication computing platform 310) with oneor more networks and/or computing devices that are not associated withthe organization. For example, customer mobile device 306, customermobile device 308, and push notification server 340 might not beassociated with an organization that operates organization network 312,and public network 314 may include one or more networks (e.g., theInternet) that connect customer mobile device 306, customer mobiledevice 308, and push notification server 340 to organization network 312and/or one or more computing devices connected thereto (e.g.,interactive voice response server 302, customer service representativecomputing device 304, administrative computing device 330, and customerauthentication computing platform 310).

Customer authentication computing platform 310 may include one or moreprocessor(s) 316, memory 318, communication interface 320, and data bus322. Data bus 322 may interconnect processor(s) 316, memory 318, and/orcommunication interface 320. Communication interface 320 may be anetwork interface configured to support communication between customerauthentication computing platform 310 and organization network 312, orone or more sub-networks thereof. Memory 318 may include one or moreprogram modules comprising instructions that when executed by theprocessor(s) 316 cause customer authentication computing platform 310 toperform one or more functions described herein. For example, memory 318may include customer authentication module 324, which may compriseinstructions that when executed by processor(s) 316 cause customerauthentication computing platform 310 to perform one or more functionsdescribed herein.

FIGS. 4A-4G depict an illustrative event sequence for authenticatingcustomers using biometrics in accordance with one or more exampleembodiments. Referring to FIG. 4A, at step 401, customer mobile device306 may receive input placing a phone call. For example, at step 401,customer mobile device 306 may receive input from the user of customermobile device 306 placing a telephone call to a customer assistancetelephone line that is operated by, provided by, and/or otherwiseassociated with a financial institution (which may, e.g., provide thecustomer assistance telephone line to allow its customers to receiveautomated assistance from an interactive voice response server and/ormanual assistance from a customer service representative). Asillustrated in greater detail below, by calling into such a customerassistance telephone line, the user of customer mobile device 306 (whomay, e.g., be a customer of the financial institution) may be able toaccess account information and/or other customer data that is specificto the user of customer mobile device 306. For example, via the customerassistance telephone line, the user of customer mobile device 306 may beable to hear account balances, transfer funds between accounts, paybills, hear information about other account details, receive assistancefrom a customer service representative, and/or perform other functionsthat involve accessing and/or interacting with the user's accountinformation and/or customer data.

At step 402, customer mobile device 306 may initiate a telephone call.For example, at step 402, customer mobile device 306 may initiate atelephone call to the customer assistance line (which may, e.g., beprovided by the financial institution, as discussed above) based on theinput received from the user of customer mobile device 306 at step 401.As illustrated in greater detail below, the customer assistance linemay, for example, be provided by one or more interactive voice responseservers operated, controlled, and/or maintained by an organization(e.g., the financial institution), and a specific interactive voiceresponse server that is operated, controlled, and/or maintained by theorganization (e.g., the financial institution) may receive the telephonecall from customer mobile device 306.

At step 403, interactive voice response server 302 may receive thetelephone call from customer mobile device 306. For example, interactivevoice response server 302 may provide a customer assistance line for anorganization (e.g., the financial institution) that may be dialed by theuser of customer mobile device 306 at step 401, and at step 403,interactive voice response server 302 may receive the telephone callinitiated by customer mobile device 306 at step 402 to the customerassistance line on behalf of the organization (e.g., the financialinstitution). At step 404, interactive voice response server 302 mayplay a welcome message. For example, at step 404, interactive voiceresponse server 302 may play an audio message to the user of customermobile device 306, over the telephone connection established betweeninteractive voice response server 302 and customer mobile device 306,that welcomes the user of customer mobile device 306 to the customerassistance line and/or provides instructions and/or other informationabout how the user of customer mobile device 306 may be authenticated byinteractive voice response server 302 and/or the organization operatinginteractive voice response server 302 so as to access information viathe customer assistance line.

Referring to FIG. 4B, at step 405, interactive voice response server 302may generate an inbound call notification. For example, at step 405,interactive voice response server 302 may generate an inbound callnotification, which may be a data message that includes the inboundphone number of the call received from customer mobile device 306 (whichmay, e.g., be the telephone number of customer mobile device 306) and/orother information associated with the call received from customer mobiledevice 306, such as information identifying the mobile network operatorand/or wireless service provider of customer mobile device 306. Asillustrated in greater detail below, interactive voice response server302 and/or customer authentication computing platform 310 may use suchinformation (e.g., the inbound phone number of the call received from306 and/or information identifying the mobile network operator and/orwireless service provider of customer mobile device 306) to determine aunique device identifier that has been defined for customer mobiledevice 306 (e.g., by the organization operating interactive voiceresponse server 302 and/or customer authentication computing platform310).

At step 406, interactive voice response server 302 may send the inboundcall notification to customer authentication computing platform 310. Atstep 407, customer authentication computing platform 310 may receive theinbound call notification. For example, at step 407, customerauthentication computing platform 310 may receive, via a communicationinterface (e.g., communication interface 320), and from an interactivevoice response server (e.g., interactive voice response server 302), aninbound call notification associated with a telephone call received bythe interactive voice response server (e.g., interactive voice responseserver 302) from a mobile device (e.g., customer mobile device 306). Asdiscussed above, the inbound call notification may include informationidentifying the inbound phone number of the telephone call received byinteractive voice response server 302 from customer mobile device 306(which may, e.g., be the telephone number of customer mobile device 306)and/or other information associated with the call received from customermobile device 306, such as information identifying the mobile networkoperator and/or wireless service provider of customer mobile device 306.

At step 408, customer authentication computing platform 310 maydetermine a customer device identifier. For example, at step 408,customer authentication computing platform 310 may determine a deviceidentifier of the mobile device (e.g., customer mobile device 306). Indetermining the device identifier of the mobile device, customerauthentication computing platform 310 may, for instance, accessinformation stored in one or more data tables (which may, e.g., bemaintained by customer authentication computing platform 310 and/or byone or more other computing devices connected to customer authenticationcomputing platform 310) that relates inbound telephone numbers, mobilenetwork operators, and/or wireless service providers, to unique hardwaredevice identifiers. For example, based on accessing such information,customer authentication computing platform 310 may determine theparticular unique device identifier for customer mobile device 306 basedon information identifying the inbound telephone number for the callreceived by interactive voice response server 302 from customer mobiledevice 306 and based on information identifying the mobile networkoperator and/or wireless service provider for customer mobile device 306(which may, e.g., be determined by and/or provided to customerauthentication computing platform 310 by interactive voice responseserver 302 and/or one or more other computing devices connected tocustomer authentication computing platform 310).

At step 409, customer authentication computing platform 310 maydetermine a customer identity. For example, at step 409, customerauthentication computing platform 310 may determine a customeridentifier corresponding to a user of the mobile device (e.g., customermobile device 306). The customer identifier may, for instance, uniquelyidentify a particular customer of an organization (e.g., the financialinstitution) as being an authorized user of customer mobile device 306.For example, the customer identifier may identify the user of the mobiledevice (e.g., customer mobile device 306) as a customer of anorganization operating the system (e.g., customer authenticationcomputing platform 310). In some instances, customer authenticationcomputing platform 310 may determine the customer identifiercorresponding to the user of the mobile device (e.g., customer mobiledevice 306) based on the customer device identifier determined at step408. For example, after determining the customer device identifier,customer authentication computing platform 310 may determine thecustomer identifier (which may, e.g., also be referred to as thecustomer identity) by accessing information stored in one or more datatables (which may, e.g., be maintained by customer authenticationcomputing platform 310 and/or by one or more other computing devicesconnected to customer authentication computing platform 310) thatrelates specific customer device identifiers to specific customeridentifiers. In some instances, the customer identifier may, forexample, be a username that is associated with the user of the mobiledevice (e.g., customer mobile device 306) when accessing otherelectronic resources provided by the organization (e.g., the financialinstitution), such as a customer portal (e.g., an online bankingwebsite) or customer application (e.g., a mobile banking application).

Referring to FIG. 4C, at step 410, customer authentication computingplatform 310 may load a customer authentication profile. For example, atstep 410, customer authentication computing platform 310 may load acustomer authentication profile based on the customer identifierdetermined at step 409. The customer authentication profile that isloaded by customer authentication computing platform 310 may, forexample, be specific to the user of customer mobile device 306 and thusmay be loaded based on the customer identifier determined by customerauthentication computing platform 310 at step 409. Additionally oralternatively, the customer authentication profile may, for instance,include information defining one or more authentication preferences forthe user of customer mobile device 306, such as information identifyingone or more authentication methods that the user of customer mobiledevice 306 has enrolled in and/or otherwise selected for use, includingone or more biometric authentication methods.

In some embodiments, the customer authentication profile may includeinformation indicating that the user of the mobile device has registeredthe mobile device to receive biometric authentication prompts. Forexample, the customer authentication profile (which may, e.g., be loadedby customer authentication computing platform 310 at step 410) mayinclude information indicating that the user of customer mobile device306 has registered customer mobile device 306 (e.g., with customerauthentication computing platform 310, with the organization operatingcustomer authentication computing platform 310) to receive biometricauthentication prompts (e.g., from customer authentication computingplatform 310). For instance, the user of customer mobile device 306 mayhave pre-registered customer mobile device 306 to receive biometricauthentication prompts from customer authentication computing platform310 and/or the organization operating customer authentication computingplatform 310 during an enrollment and/or registration process (whichmay, e.g., be performed by customer authentication computing platform310 and/or customer mobile device 306 prior to step 401 of the exampleevent sequence discussed here). During such an enrollment and/orregistration process, the user of customer mobile device 306 may, forinstance, opt-in to receiving biometric authentication prompts fromcustomer authentication computing platform 310 and/or the organizationoperating customer authentication computing platform 310, may store oneor more biometric credentials (e.g., fingerprints, voiceprints, and/orthe like) on customer mobile device 306, and/or may authorize suchbiometric credentials to be used by customer authentication computingplatform 310 and/or the organization operating customer authenticationcomputing platform 310 as valid authenticators for the user of customermobile device 306.

In some embodiments, the customer authentication profile may includeinformation indicating that the mobile device stores one or morepredefined biometric credentials. For example, the customerauthentication profile (which may, e.g., be loaded by customerauthentication computing platform 310 at step 410) may includeinformation indicating that the mobile device (e.g., customer mobiledevice 306) stores one or more predefined biometric credentials, such asone or more fingerprint biometric credentials, voiceprint biometriccredentials, and/or other biometric credentials that may, for instance,be stored by the mobile device (e.g., customer mobile device 306) duringan enrollment and/or registration process, as discussed above.

At step 411, customer authentication computing platform 310 may generatea biometric authentication prompt. For example, at step 411, customerauthentication computing platform 310 may generate a biometricauthentication prompt for authenticating the user of the mobile device(e.g., customer mobile device 306). In some instances, in generating thebiometric authentication prompt, customer authentication computingplatform 310 may, for example, generate a data message that includesinformation configured to cause the mobile device (e.g., customer mobiledevice 306) to authenticate the user of the mobile device usingbiometrics. In addition, such a message may be configured to be sentdirectly to the mobile device (e.g., customer mobile device 306) fromcustomer authentication computing platform 310, or alternatively, to themobile device (e.g., customer mobile device 306) via a push notificationservice, such as a push notification service provided by pushnotification server 340. For example, push notification server 340 maybe configured to receive requests to send push notifications from one ormore other computer systems and devices, such as customer authenticationcomputing platform 310, and may be further configured to generate and/orsend push notifications to one or more mobile devices (e.g., customermobile device 306, customer mobile device 308) based on such requests.In some instances, push notification server 340 may be configured tocommunicate with mobile devices running one or more specific operatingsystems, while in other instances, push notification server 340 may beconfigured to communicate with mobile devices running various differentoperating systems. Additionally or alternatively, push notificationserver 340 may, in some instances, be operated and/or maintained by anorganization operating customer authentication computing platform 310,such as a financial institution, while in other instances, pushnotification server 340 may be operated and/or maintained by a differentorganization, such as an organization that develops and/or distributesoperating systems to various mobile devices (e.g., customer mobiledevice 306, customer mobile device 308).

At step 412, customer authentication computing platform 310 may send thebiometric authentication prompt to customer mobile device 306. Forexample, at step 412, customer authentication computing platform 310 maycause the biometric authentication prompt to be sent to the mobiledevice (e.g., customer mobile device 306). As discussed above, in someinstances, customer authentication computing platform 310 may send thebiometric authentication prompt directly to customer mobile device 306(e.g., via a data connection established between customer authenticationcomputing platform 310 and customer mobile device 306), while in otherinstances, customer authentication computing platform 310 may send thebiometric authentication prompt to customer mobile device 306 via a pushnotification service, such as a push notification service provided bypush notification server 340.

In some embodiments, causing the biometric authentication prompt to besent to the mobile device may include causing a push notificationservice to send a push notification to the mobile device. For example,in causing the biometric authentication prompt to be sent to the mobiledevice at step 412, customer authentication computing platform 310 maycause a push notification service (which may, e.g., be provided by pushnotification server 340) to send a push notification to the mobiledevice (e.g., customer mobile device 306), as discussed above.

In some embodiments, the biometric authentication prompt may beconfigured to prompt the user of the mobile device to provide biometricinput for verification by the mobile device. For example, the biometricauthentication prompt (which may, e.g., be generated at step 411 and/orsent at step 412) may be configured to prompt the user of the mobiledevice (e.g., customer mobile device 306) to provide biometric input forverification by the mobile device (e.g., customer mobile device 306). Inverifying the biometric input, the mobile device may, for instance,compare the biometric input with one or more predefined and/or storedbiometric credentials, as discussed in greater detail below. In someinstances, the biometric input (e.g., that the biometric authenticationprompt may prompt the user of the mobile device to provide) may befingerprint biometric input, such as a thumbprint or other fingerprintthat may be read by a fingerprint scanner included in and/or coupled tothe mobile device (e.g., customer mobile device 306). Additionally oralternatively, the biometric input may be and/or include other types ofbiometric input, such as voiceprint biometric input, facial imagebiometric input, and/or the like.

At step 413, customer mobile device 306 may receive the biometricauthentication prompt. For example, at step 413, customer mobile device306 may receive the biometric authentication prompt from customerauthentication computing platform 310 and/or via a push notificationservice, such as a push notification service provided by pushnotification server 340. At step 414, customer mobile device 306 maypresent the biometric authentication prompt. For example, in presentingthe biometric authentication prompt at step 414, customer mobile device306 may display, cause to be displayed, and/or otherwise present agraphical user interface similar to graphical user interface 500, whichis illustrated in FIG. 5. As seen in FIG. 5, graphical user interface500 may include text and/or other information prompting the user ofcustomer mobile device 306 to provide biometric input, such as one ormore fingerprints, for validation by customer mobile device 306.

Referring to FIG. 4D, at step 415, customer mobile device 306 mayreceive biometric input. For example, at step 415, customer mobiledevice 306 may receive biometric input from the user of customer mobiledevice 306 that includes one or more fingerprints of the user ofcustomer mobile device 306, one or more voiceprints of the user ofcustomer mobile device 306, one or more images of the user of customermobile device 306 (e.g., for facial recognition and/or other imagerecognition), and/or other biometric input associated with the user ofcustomer mobile device 306. At step 416, customer mobile device 306 mayvalidate the biometric input. For example, in validating the biometricinput at step 416, customer mobile device 306 may compare the biometricinput with stored information defining valid biometric credentials ofthe user of customer mobile device 306 to determine whether thebiometric input is a valid match to the stored information defining thevalid biometric credentials of the user of customer mobile device 306.

In validating the biometric input, if customer mobile device 306determines that the biometric input received from the user of customermobile device 306 is invalid, customer mobile device 306 may generateand/or present an error message and/or may request the user of customermobile device 306 to attempt to provide additional biometric input. Forexample, if customer mobile device 306 determines that the biometricinput received from the user of customer mobile device 306 is invalid,customer mobile device 306 may display, cause to be displayed, and/orotherwise present a graphical user interface similar to graphical userinterface 600, which is illustrated in FIG. 6. As seen in FIG. 6,graphical user interface 600 may include text and/or other informationindicating that the biometric input received from the user of customermobile device 306 could not be verified and/or prompting the user ofcustomer mobile device 306 to attempt to provide such biometric inputagain for verification by customer mobile device 306. Customer mobiledevice 306 may, for example, be configured to allow the user of customermobile device 306 to make a predefined number of attempts (e.g., threeattempts, five attempts, and/or the like) at providing valid biometricinput, and if after the predefined number of attempts, valid biometricinput is still not received and the user of customer mobile device 306cannot be verified, customer mobile device 306 may send a message tocustomer authentication computing platform 310 indicating that thetelephone call placed from customer mobile device 306 to interactivevoice response server 302 should be transferred to agent so as toauthenticate the user of customer mobile device 306 in a different way(e.g., by having the user of customer mobile device 306 provide a useridentifier, passcode, security question answer(s), and/or the like).

Alternatively, in validating the biometric input, if customer mobiledevice 306 determines that the biometric input received from the user ofcustomer mobile device 306 is valid, customer mobile device 306 maygenerate and/or present a successful authentication message and theevent sequence may continue to step 417, as discussed in greater detailbelow. In presenting such a successful authentication message, customermobile device 306 may, for example, display, cause to be displayed,and/or otherwise present a graphical user interface similar to graphicaluser interface 700, which is illustrated in FIG. 7. As seen in FIG. 7,graphical user interface 700 may include text and/or other informationindicating that the biometric input received from the user of customermobile device 306 was successfully verified and/or instructing the userof customer mobile device 306 to return a headset of customer mobiledevice 306 to their ear to continue with the telephone call (e.g., tothe customer assistance line provided by interactive voice responseserver 302).

Referring again to FIG. 4D, at step 417, customer mobile device 306 maygenerate a validation message. For example, after validating thebiometric input received from the user of customer mobile device 306(e.g., at step 416), customer mobile device 306 may generate avalidation message that includes information indicating that validbiometric input was received from the user of customer mobile device 306and/or that the user of customer mobile device 306 was successfullyauthenticated based on biometric input provided by the user of customermobile device 306 to customer mobile device 306 for verification. Atstep 418, customer mobile device 306 may send the validation message tocustomer authentication computing platform 310.

At step 419, customer authentication computing platform 310 may receivethe validation message from customer mobile device 306. For example, atstep 419, customer authentication computing platform 310 may receive,via the communication interface (e.g., communication interface 320), andfrom the mobile device (e.g., customer mobile device 306), a validationmessage. As discussed above, the validation message may be generated bycustomer mobile device 306 and/or may include information indicatingthat valid biometric input was received from the user of customer mobiledevice 306 and/or that the user of customer mobile device 306 wassuccessfully authenticated based on biometric input provided by the userof customer mobile device 306 to customer mobile device 306 forverification. In some embodiments, the validation message may indicatethat the user of the mobile device has provided valid biometric inputmatching one or more predefined biometric credentials stored by themobile device. For example, the validation message (which may, e.g., bereceived by customer authentication computing platform 310 at step 419)may include information indicating that the user of customer mobiledevice 306 has provided valid biometric input matching one or morepredefined biometric credentials stored by customer mobile device 306.Such predefined biometric credentials may, for instance, include one ormore fingerprint biometric credentials stored by customer mobile device306 and/or one or more other biometric credentials stored by customermobile device 306 (which may, e.g., be stored and/or defined during anenrollment and/or registration process, as discussed above).

Referring to FIG. 4E, at step 420, customer authentication computingplatform 310 may generate an authentication message. For example, inresponse to receiving the validation message (e.g., at step 419),customer authentication computing platform 310 may generate anauthentication message at step 420. Such an authentication message may,for example, include information indicating that the user of the mobiledevice (e.g., customer mobile device 306) has been successfullyauthenticated using one or more biometric credentials and/or may beconfigured to cause the interactive voice response server (e.g.,interactive voice response server 302) to treat the user of customermobile device 306 as authenticated in the telephone call from the mobiledevice (e.g., customer mobile device 306) to the customer assistanceline provided by the interactive voice response server (e.g.,interactive voice response server 302), as illustrated in greater detailbelow. At step 421, customer authentication computing platform 310 maysend the authentication message to interactive voice response server302. For example, at step 421, customer authentication computingplatform may send, via the communication interface (e.g., communicationinterface 320), and to the interactive voice response server (e.g.,interactive voice response server 302), the authentication messagegenerated at step 420.

In some embodiments, the authentication message may establish anauthentication status of the user of the mobile device. For example, theauthentication message (which may, e.g., be sent to interactive voiceresponse server 302 by customer authentication computing platform 310 atstep 421) may establish an authentication status of the user of themobile device (e.g., customer mobile device 306). For instance, theauthentication message may include information indicating that the userof customer mobile device 306 has been authenticated by customerauthentication computing platform 310 and thus may be treated asauthenticated by interactive voice response server 302 (e.g., forpurposes of accessing account information and/or other customer-specificdata). Additionally or alternatively, the authentication message may beconfigured to cause the interactive voice response server to provide theuser of the mobile device with access to account information that isspecific to the user of the mobile device. For example, theauthentication message (which may, e.g., be sent to interactive voiceresponse server 302 by customer authentication computing platform 310 atstep 421) may be configured to cause the interactive voice responseserver (e.g., interactive voice response server 302) to provide the userof the mobile device (e.g., customer mobile device 306) with access toaccount information that is specific to the user of the mobile device(e.g., customer mobile device 306). For instance, the authenticationmessage may include instructions, commands, and/or information thatcause interactive voice response server 302 to provide customer mobiledevice 306 and/or the user of customer mobile device 306 with access toaccount information that is specific to the user of customer mobiledevice 306 on the telephone call, such as account balance informationfor the user's accounts, access to funds transfer functions, and/orother account information and/or functions.

At step 422, interactive voice response server 302 may receive theauthentication message from customer authentication computing platform310. At step 423, interactive voice response server 302 may play anauthenticated message. For example, at step 423, interactive voiceresponse server 302 may play an audio message to the user of customermobile device 306, over the telephone connection established betweeninteractive voice response server 302 and customer mobile device 306,that informs the user of customer mobile device 306 that he or she hasbeen successfully authenticated and/or indicates to the user of customermobile device 306 that he or she can access account information via thecustomer assistance line.

At step 424, interactive voice response server 302 may provide access toaccount information. For example, at step 424, interactive voiceresponse server 302 may provide the user of customer mobile device 306with access to account information over the telephone connectionestablished between interactive voice response server 302 and customermobile device 306 based on the authentication message received byinteractive voice response server 302 at step 422. In providing accessto account information, interactive voice response server 302 may, forexample, play and/or otherwise provide a function menu that includesuser-selectable options for different functions available via thetelephone assistance line, and such a function menu may include a numberof audio prompts (e.g., “press 1 to hear account balance information,press 2 to transfer funds between accounts, press 3 to access bill payfeatures, press 0 to speak with a representative”). By providing accessto account information in this way (e.g., based on biometricauthentication credentials validated by customer mobile device 306and/or customer authentication computing platform 310, as discussedabove), the user of customer mobile device 306 advantageously might notneed to provide any additional authentication credentials, such as theiraccount number(s) and/or passcode(s), over the phone. Rather, thebiometric authentication processes discussed above provide a morestreamlined, efficient, and easy-to-use authentication solution forcustomers of the organization (e.g., the financial institution). Inaddition, and as illustrated in greater detail below, once the user ofcustomer mobile device 306 has been authenticated, the user of customermobile device 306 may access and/or interact with account informationvia the telephone assistance line, and such interaction may, forexample, include requesting and/or executing one or more transactionsinvolving one or more accounts of the user of customer mobile device306.

Referring to FIG. 4F, at step 425, interactive voice response server 302may receive input requesting a transaction. For example, at step 425,interactive voice response server 302 may receive input from the user ofcustomer mobile device 306 over the telephone connection betweeninteractive voice response server 302 and customer mobile device 306,and such input may request a transaction (e.g., a funds transfertransaction, a bill pay transaction, and/or the like) involving one ormore accounts of the customer using customer mobile device 306. At step426, interactive voice response server 302 may generate a transactionrequest (e.g., based on the input received at step 425). Such atransaction request may, for instance, include information identifyingthe type of transaction requested (e.g., a funds transfer transaction, abill pay transaction, and/or the like), the amount of the transaction, asource account, a target account, and/or other information associatedwith the transaction. At step 427, interactive voice response server 302may send the transaction request to customer authentication computingplatform 310.

At step 428, customer authentication computing platform 310 may receivethe transaction request. For example, after sending the authenticationmessage (e.g., at step 421), customer authentication computing platform310 may receive, via the communication interface (e.g., communicationinterface 320), and from the interactive voice response server (e.g.,interactive voice response server 302), a transaction request. Thetransaction request may, for instance, include information requesting atransaction to be performed on one or more accounts that are owned byand/or otherwise associated with the user of customer mobile device 306,as well as information identifying the type of transaction requested(e.g., a funds transfer transaction, a bill pay transaction, and/or thelike), the amount of the transaction, a source account, a targetaccount, and/or other information associated with the transaction. Atstep 429, customer authentication computing platform 310 may process thetransaction request. In processing the transaction request, customerauthentication computing platform 310 may, for instance, sendinstructions to and/or otherwise communicate with one or more othercomputer systems that may be operated by the organization (e.g., thefinancial institution) so as to complete the requested transaction. Forexample, customer authentication computing platform 310 may instruct oneor more other computer systems to perform a requested funds transfertransaction by crediting a particular account and debiting anotheraccount. In some embodiments, processing the transaction request mayinclude causing one or more systems operated by a financial institutionto execute a funds transfer transaction. For instance, in processing thetransaction request at step 429, customer authentication computingplatform 310 may cause one or more systems operated by a financialinstitution (which may, e.g., be the financial institution operatingcustomer authentication computing platform 310) to execute a fundstransfer transaction (e.g., be crediting and/or debiting one or moreaccounts, as discussed above).

Referring to FIG. 4G, at step 430, customer authentication computingplatform 310 may generate a transaction complete notification. Such atransaction complete notification may, for example, include informationindicating that the requested transaction has been completed. At step431, customer authentication computing platform 310 may send thetransaction complete notification to interactive voice response server302. At step 432, interactive voice response server 302 may receive thetransaction complete notification. At step 433, interactive voiceresponse server 302 may play a transaction complete message. Forexample, at step 433, interactive voice response server 302 may play anaudio message to the user of customer mobile device 306, over thetelephone connection established between interactive voice responseserver 302 and customer mobile device 306, that informs the user ofcustomer mobile device 306 that the requested transaction has beeninitiated, executed, and/or completed.

In one or more arrangements, if at any point in the example eventsequence discussed above the customer using customer mobile device 306requests assistance from a customer service representative, interactivevoice response server 302 may transfer the telephone call to a customerservice representative (who may, e.g., be using customer servicerepresentative computing device 304). In addition, if the customer usingcustomer mobile device 306 has been authenticated when the telephonecall is transferred to a customer service representative, customerauthentication computing platform 310 may provide information about thecustomer using customer mobile device 306, including informationestablishing the authentication status of the customer using customermobile device 306 and/or other information indicating that the customerusing customer mobile device 306 has been authenticated using biometricinput, to customer service representative computing device 304.Additionally or alternatively, one or more steps of the example eventsequence may be repeated, for instance, as telephone calls are receivedfrom other mobile devices. For example, a similar event sequence may beperformed and/or repeated if interactive voice response server 302receives a telephone call from customer mobile device 308 (which may,e.g., be used by and/or registered to a different customer than customermobile device 306).

FIG. 8 depicts an illustrative method for authenticating customers usingbiometrics in accordance with one or more example embodiments. Referringto FIG. 8, at step 805, a computing platform may receive, from aninteractive voice response server, an inbound call notificationassociated with a telephone call received by the interactive voiceresponse server from a mobile device. At step 810, the computingplatform may determine a device identifier of the mobile device. At step815, the computing platform may determine a customer identifiercorresponding to a user of the mobile device. At step 820, the computingplatform may load a customer authentication profile based on thecustomer identifier. At step 825, the computing platform may generate abiometric authentication prompt for authenticating the user of themobile device. At step 825, the computing platform may cause thebiometric authentication prompt to be sent to the mobile device. At step830, the computing platform may receive, from the mobile device, avalidation message. At step 835, in response to receiving the validationmessage, the computing platform may generate an authentication message.At step 840, the computing platform may send, to the interactive voiceresponse server, the authentication message. At step 845, after sendingthe authentication message, the computing platform may receive, from theinteractive voice response server, a transaction request. At step 850,the computing platform may process the transaction request.

One or more aspects of the disclosure may be embodied in computer-usabledata or computer-executable instructions, such as in one or more programmodules, executed by one or more computers or other devices to performthe operations described herein. Generally, program modules includeroutines, programs, objects, components, data structures, and the likethat perform particular tasks or implement particular abstract datatypes when executed by one or more processors in a computer or otherdata processing device. The computer-executable instructions may bestored on a computer-readable medium such as a hard disk, optical disk,removable storage media, solid-state memory, RAM, and the like. Thefunctionality of the program modules may be combined or distributed asdesired in various embodiments. In addition, the functionality may beembodied in whole or in part in firmware or hardware equivalents, suchas integrated circuits, application-specific integrated circuits(ASICs), field programmable gate arrays (FPGA), and the like. Particulardata structures may be used to more effectively implement one or moreaspects of the disclosure, and such data structures are contemplated tobe within the scope of computer executable instructions andcomputer-usable data described herein.

Various aspects described herein may be embodied as a method, anapparatus, or as one or more computer-readable media storingcomputer-executable instructions. Accordingly, those aspects may takethe form of an entirely hardware embodiment, an entirely softwareembodiment, an entirely firmware embodiment, or an embodiment combiningsoftware, hardware, and firmware aspects in any combination. Inaddition, various signals representing data or events as describedherein may be transferred between a source and a destination in the formof light or electromagnetic waves traveling through signal-conductingmedia such as metal wires, optical fibers, or wireless transmissionmedia (e.g., air or space). In general, the one or morecomputer-readable media may comprise one or more non-transitorycomputer-readable media.

As described herein, the various methods and acts may be operativeacross one or more computing servers and one or more networks. Thefunctionality may be distributed in any manner, or may be located in asingle computing device (e.g., a server, a client computer, and thelike). For example, in alternative embodiments, one or more of thecomputing platforms discussed above may be combined into a singlecomputing platform, and the various functions of each computing platformmay be performed by the single computing platform. In such arrangements,any and/or all of the above-discussed communications between computingplatforms may correspond to data being accessed, moved, modified,updated, and/or otherwise used by the single computing platform.Additionally or alternatively, one or more of the computing platformsdiscussed above may be implemented in one or more virtual machines thatare provided by one or more physical computing devices. In sucharrangements, the various functions of each computing platform may beperformed by the one or more virtual machines, and any and/or all of theabove-discussed communications between computing platforms maycorrespond to data being accessed, moved, modified, updated, and/orotherwise used by the one or more virtual machines.

Aspects of the disclosure have been described in terms of illustrativeembodiments thereof. Numerous other embodiments, modifications, andvariations within the scope and spirit of the appended claims will occurto persons of ordinary skill in the art from a review of thisdisclosure. For example, one or more of the steps depicted in theillustrative figures may be performed in other than the recited order,and one or more depicted steps may be optional in accordance withaspects of the disclosure.

What is claimed is:
 1. A system, comprising: at least one processor; acommunication interface communicatively coupled to the at least oneprocessor; and memory storing computer-readable instructions that, whenexecuted by the at least one processor, cause the system to: receive,via the communication interface, and from an interactive voice responseserver, an inbound call notification associated with a telephone callreceived by the interactive voice response server from a mobile device;determine a device identifier of the mobile device; determine a useridentifier corresponding to a user of the mobile device; load anauthentication profile based on the user identifier; cause a biometricauthentication prompt for authenticating the user of the mobile deviceto be presented by the mobile device; receive, via the communicationinterface, and from the mobile device, a validation message; in responseto receiving the validation message, generate an authentication message;and send, via the communication interface, and to the interactive voiceresponse server, the authentication message.
 2. The system of claim 1,wherein the user identifier identifies the user of the mobile device asa customer of an organization operating the system.
 3. The system ofclaim 1, wherein the authentication profile comprises informationindicating that the user of the mobile device has registered the mobiledevice to receive biometric authentication prompts.
 4. The system ofclaim 1, wherein the authentication profile comprises informationindicating that the mobile device stores one or more predefinedbiometric credentials.
 5. The system of claim 1, wherein causing thebiometric authentication prompt for authenticating the user of themobile device to be presented by the mobile device comprises causing apush notification service to send a push notification to the mobiledevice.
 6. The system of claim 1, wherein the biometric authenticationprompt is configured to prompt the user of the mobile device to providebiometric input for verification by the mobile device.
 7. The system ofclaim 1, wherein the validation message indicates that the user of themobile device has provided valid biometric input matching one or morepredefined biometric credentials stored by the mobile device.
 8. Thesystem of claim 1, wherein the authentication message establishes anauthentication status of the user of the mobile device.
 9. The system ofclaim 1, wherein the authentication message is configured to cause theinteractive voice response server to provide the user of the mobiledevice with access to account information that is specific to the userof the mobile device.
 10. The system of claim 1, wherein the memorystores additional computer-readable instructions that, when executed bythe at least one processor, cause the system to: after sending theauthentication message, receive, via the communication interface, andfrom the interactive voice response server, a transaction request; andprocess the transaction request.
 11. The system of claim 6, wherein thebiometric input comprises fingerprint biometric input.
 12. The system ofclaim 10, wherein processing the transaction request comprises causingone or more systems operated by a financial institution to execute afunds transfer transaction.
 13. A method, comprising: at a computingplatform comprising at least one processor, memory, and a communicationinterface: receiving, by the at least one processor, via thecommunication interface, and from an interactive voice response server,an inbound call notification associated with a telephone call receivedby the interactive voice response server from a mobile device;determining, by the at least one processor, a device identifier of themobile device; determining, by the at least one processor, a useridentifier corresponding to a user of the mobile device; loading, by theat least one processor, an authentication profile based on the useridentifier; causing, by the at least one processor, a biometricauthentication prompt for authenticating the user of the mobile deviceto be presented by the mobile device; receiving, by the at least oneprocessor, via the communication interface, and from the mobile device,a validation message; in response to receiving the validation message,generating, by the at least one processor, an authentication message;and sending, by the at least one processor, via the communicationinterface, and to the interactive voice response server, theauthentication message.
 14. The method of claim 13, wherein the useridentifier identifies the user of the mobile device as a customer of anorganization operating the computing platform.
 15. The method of claim13, wherein the authentication profile comprises information indicatingthat the user of the mobile device has registered the mobile device toreceive biometric authentication prompts.
 16. The method of claim 13,wherein the authentication profile comprises information indicating thatthe mobile device stores one or more predefined biometric credentials.17. The method of claim 13, wherein causing the biometric authenticationprompt for authenticating the user of the mobile device to be presentedby the mobile device comprises causing a push notification service tosend a push notification to the mobile device.
 18. The method of claim13, wherein the biometric authentication prompt is configured to promptthe user of the mobile device to provide biometric input forverification by the mobile device.
 19. The method of claim 18, whereinthe biometric input comprises fingerprint biometric input.
 20. One ormore non-transitory computer-readable media storing instructions that,when executed by a computing platform comprising at least one processor,memory, and a communication interface, cause the computing platform to:receive, via the communication interface, and from an interactive voiceresponse server, an inbound call notification associated with atelephone call received by the interactive voice response server from amobile device; determine a device identifier of the mobile device;determine a user identifier corresponding to a user of the mobiledevice; load an authentication profile based on the user identifier;cause a biometric authentication prompt for authenticating the user ofthe mobile device to be presented by the mobile device; receive, via thecommunication interface, and from the mobile device, a validationmessage; in response to receiving the validation message, generate anauthentication message; and send, via the communication interface, andto the interactive voice response server, the authentication message.